You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by el...@apache.org on 2010/12/09 01:12:08 UTC
svn commit: r1043790 [6/6] - in /directory/apacheds/trunk/protocol-kerberos:
./ src/main/java/org/apache/directory/server/kerberos/kdc/
src/main/java/org/apache/directory/server/kerberos/kdc/authentication/
src/main/java/org/apache/directory/server/ker...
Modified: directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/TicketGrantingServiceTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/TicketGrantingServiceTest.java?rev=1043790&r1=1043789&r2=1043790&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/TicketGrantingServiceTest.java (original)
+++ directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/TicketGrantingServiceTest.java Thu Dec 9 00:12:07 2010
@@ -33,36 +33,31 @@ import javax.security.auth.kerberos.Kerb
import org.apache.directory.server.kerberos.kdc.KdcServer;
import org.apache.directory.server.kerberos.protocol.AbstractAuthenticationServiceTest.KrbDummySession;
-import org.apache.directory.server.kerberos.shared.KerberosMessageType;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumType;
import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
-import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
import org.apache.directory.server.kerberos.shared.crypto.encryption.RandomKeyFactory;
-import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
-import org.apache.directory.server.kerberos.shared.messages.ErrorMessage;
-import org.apache.directory.server.kerberos.shared.messages.KdcRequest;
-import org.apache.directory.server.kerberos.shared.messages.TicketGrantReply;
-import org.apache.directory.server.kerberos.shared.messages.components.EncTicketPartModifier;
-import org.apache.directory.server.kerberos.shared.messages.components.Ticket;
-import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
-import org.apache.directory.server.kerberos.shared.messages.value.HostAddress;
-import org.apache.directory.server.kerberos.shared.messages.value.HostAddresses;
-import org.apache.directory.server.kerberos.shared.messages.value.KdcOptions;
-import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
-import org.apache.directory.server.kerberos.shared.messages.value.RequestBody;
-import org.apache.directory.server.kerberos.shared.messages.value.RequestBodyModifier;
-import org.apache.directory.server.kerberos.shared.messages.value.flags.TicketFlag;
import org.apache.directory.server.kerberos.shared.store.PrincipalStore;
+import org.apache.directory.shared.kerberos.KerberosTime;
+import org.apache.directory.shared.kerberos.codec.options.KdcOptions;
+import org.apache.directory.shared.kerberos.codec.types.EncryptionType;
+import org.apache.directory.shared.kerberos.components.EncTicketPart;
+import org.apache.directory.shared.kerberos.components.EncryptionKey;
+import org.apache.directory.shared.kerberos.components.HostAddress;
+import org.apache.directory.shared.kerberos.components.HostAddresses;
+import org.apache.directory.shared.kerberos.components.KdcReq;
+import org.apache.directory.shared.kerberos.components.KdcReqBody;
+import org.apache.directory.shared.kerberos.crypto.checksum.ChecksumType;
+import org.apache.directory.shared.kerberos.exceptions.ErrorType;
+import org.apache.directory.shared.kerberos.exceptions.KerberosException;
+import org.apache.directory.shared.kerberos.flags.TicketFlag;
+import org.apache.directory.shared.kerberos.messages.KrbError;
+import org.apache.directory.shared.kerberos.messages.TgsRep;
+import org.apache.directory.shared.kerberos.messages.TgsReq;
+import org.apache.directory.shared.kerberos.messages.Ticket;
import org.junit.After;
import org.junit.Before;
+import org.junit.Ignore;
import org.junit.Test;
-
-/**
- * Tests the Ticket-Granting Service (TGS) via the {@link KerberosProtocolHandler}.
- *
- * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
- */
public class TicketGrantingServiceTest extends AbstractTicketGrantingServiceTest
{
private KdcServer config;
@@ -81,7 +76,7 @@ public class TicketGrantingServiceTest e
/*
* Body checksum verification must be disabled because we are bypassing
- * the codecs, where the body bytes are set on the KdcRequest message.
+ * the codecs, where the body bytes are set on the KdcReq message.
*/
config.setBodyChecksumVerified( false );
@@ -128,23 +123,21 @@ public class TicketGrantingServiceTest e
Ticket tgt = getTgt( clientPrincipal, serverPrincipal, serverPassword );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "hnelson" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "hnelson" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
KdcOptions kdcOptions = new KdcOptions();
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long currentTime = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( currentTime + KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
-
- RequestBody requestBody = modifier.getRequestBody();
+ kdcReqBody.setTill( requestedEndTime );
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
}
@@ -156,19 +149,21 @@ public class TicketGrantingServiceTest e
@Test
public void testProtocolVersionNumber()
{
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "hnelson" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "hnelson" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
- KdcRequest message = new KdcRequest( 4, KerberosMessageType.TGS_REQ, null, modifier.getRequestBody() );
+ KdcReq message = new TgsReq();
+ message.setProtocolVersionNumber( 4 );
+ message.setKdcReqBody( kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", ErrorMessage.class, msg.getClass() );
- ErrorMessage error = ( ErrorMessage ) msg;
- assertEquals( "Requested protocol version number not supported", 3, error.getErrorCode() );
+ assertEquals( "session.getMessage() instanceOf", KrbError.class, msg.getClass() );
+ KrbError error = ( KrbError ) msg;
+ assertEquals( "Requested protocol version number not supported", ErrorType.KDC_ERR_BAD_PVNO, error.getErrorCode() );
}
@@ -186,30 +181,28 @@ public class TicketGrantingServiceTest e
Ticket tgt = getTgt( clientPrincipal, serverPrincipal, serverPassword );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "badservice" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "badservice" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
KdcOptions kdcOptions = new KdcOptions();
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long currentTime = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( currentTime + KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
- RequestBody requestBody = modifier.getRequestBody();
-
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", ErrorMessage.class, msg.getClass() );
- ErrorMessage error = ( ErrorMessage ) msg;
- assertEquals( "Server not found in Kerberos database", 7, error.getErrorCode() );
+ assertEquals( "session.getMessage() instanceOf", KrbError.class, msg.getClass() );
+ KrbError error = ( KrbError ) msg;
+ assertEquals( "Server not found in Kerberos database", ErrorType.KDC_ERR_S_PRINCIPAL_UNKNOWN, error.getErrorCode() );
}
@@ -231,37 +224,36 @@ public class TicketGrantingServiceTest e
Ticket tgt = getTgt( clientPrincipal, serverPrincipal, serverPassword );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "hnelson" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "hnelson" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
KdcOptions kdcOptions = new KdcOptions();
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long currentTime = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( currentTime + KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
-
- RequestBody requestBody = modifier.getRequestBody();
+ kdcReqBody.setTill( requestedEndTime );
// Get the session key from the service ticket.
- sessionKey = tgt.getEncTicketPart().getSessionKey();
+ sessionKey = tgt.getEncTicketPart().getKey();
// Generate a new sequence number.
sequenceNumber = random.nextInt();
now = new KerberosTime();
- KdcRequest message = new KdcRequest( 5, KerberosMessageType.TGS_REQ, null, requestBody );
+ KdcReq message = new TgsReq();
+ message.setKdcReqBody( kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", ErrorMessage.class, msg.getClass() );
- ErrorMessage error = ( ErrorMessage ) msg;
- assertEquals( "KDC has no support for padata type", 16, error.getErrorCode() );
+ assertEquals( "session.getMessage() instanceOf", KrbError.class, msg.getClass() );
+ KrbError error = ( KrbError ) msg;
+ assertEquals( "KDC has no support for padata type", ErrorType.KDC_ERR_PADATA_TYPE_NOSUPP, error.getErrorCode() );
}
@@ -271,6 +263,7 @@ public class TicketGrantingServiceTest e
* @throws Exception
*/
@Test
+ @Ignore
public void testInappropriateChecksum() throws Exception
{
config.setBodyChecksumVerified( true );
@@ -281,30 +274,28 @@ public class TicketGrantingServiceTest e
Ticket tgt = getTgt( clientPrincipal, serverPrincipal, serverPassword );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "hnelson" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "hnelson" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
KdcOptions kdcOptions = new KdcOptions();
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long currentTime = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( currentTime + KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
- RequestBody requestBody = modifier.getRequestBody();
-
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", ErrorMessage.class, msg.getClass() );
- ErrorMessage error = ( ErrorMessage ) msg;
- assertEquals( "Inappropriate type of checksum in message", 50, error.getErrorCode() );
+ assertEquals( "session.getMessage() instanceOf", KrbError.class, msg.getClass() );
+ KrbError error = ( KrbError ) msg;
+ assertEquals( "Inappropriate type of checksum in message", ErrorType.KRB_AP_ERR_INAPP_CKSUM, error.getErrorCode() );
}
@@ -324,25 +315,23 @@ public class TicketGrantingServiceTest e
Ticket tgt = getTgt( clientPrincipal, serverPrincipal, serverPassword );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "hnelson" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "hnelson" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
KdcOptions kdcOptions = new KdcOptions();
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long currentTime = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( currentTime + KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
-
- RequestBody requestBody = modifier.getRequestBody();
+ kdcReqBody.setTill( requestedEndTime );
try
{
- getKdcRequest( tgt, requestBody, ChecksumType.DES_MAC_K );
+ getKdcRequest( tgt, kdcReqBody, ChecksumType.DES_MAC_K );
}
catch ( KerberosException ke )
{
@@ -366,30 +355,28 @@ public class TicketGrantingServiceTest e
Ticket tgt = getTgt( clientPrincipal, serverPrincipal, serverPassword );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "hnelson" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "hnelson" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
KdcOptions kdcOptions = new KdcOptions();
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long currentTime = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( currentTime + KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
-
- RequestBody requestBody = modifier.getRequestBody();
+ kdcReqBody.setTill( requestedEndTime );
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", ErrorMessage.class, msg.getClass() );
- ErrorMessage error = ( ErrorMessage ) msg;
- assertEquals( "Integrity check on decrypted field failed", 31, error.getErrorCode() );
+ assertEquals( "session.getMessage() instanceOf", KrbError.class, msg.getClass() );
+ KrbError error = ( KrbError ) msg;
+ assertEquals( "Integrity check on decrypted field failed", ErrorType.KRB_AP_ERR_BAD_INTEGRITY, error.getErrorCode() );
}
@@ -407,30 +394,28 @@ public class TicketGrantingServiceTest e
Ticket tgt = getTgt( clientPrincipal, serverPrincipal, serverPassword );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "hnelson" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "hnelson" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
KdcOptions kdcOptions = new KdcOptions();
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long currentTime = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( currentTime + KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
- RequestBody requestBody = modifier.getRequestBody();
-
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", ErrorMessage.class, msg.getClass() );
- ErrorMessage error = ( ErrorMessage ) msg;
- assertEquals( "The ticket isn't for us", 35, error.getErrorCode() );
+ assertEquals( "session.getMessage() instanceOf", KrbError.class, msg.getClass() );
+ KrbError error = ( KrbError ) msg;
+ assertEquals( "The ticket isn't for us", ErrorType.KRB_AP_ERR_NOT_US, error.getErrorCode() );
}
@@ -449,30 +434,28 @@ public class TicketGrantingServiceTest e
Ticket tgt = getTgt( clientPrincipal, serverPrincipal, serverPassword );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "hnelson" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "hnelson" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
KdcOptions kdcOptions = new KdcOptions();
kdcOptions.set( KdcOptions.RENEW );
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long currentTime = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( currentTime + KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
-
- RequestBody requestBody = modifier.getRequestBody();
+ kdcReqBody.setTill( requestedEndTime );
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", TicketGrantReply.class, msg.getClass() );
- TicketGrantReply reply = ( TicketGrantReply ) msg;
+ assertEquals( "session.getMessage() instanceOf", TgsRep.class, msg.getClass() );
+ TgsRep reply = ( TgsRep ) msg;
KerberosTime expectedRenewTillTime = tgt.getEncTicketPart().getRenewTill();
boolean isClose = Math.abs( reply.getRenewTill().getTime() - expectedRenewTillTime.getTime() ) < 5000;
@@ -491,41 +474,39 @@ public class TicketGrantingServiceTest e
{
// Get the mutable ticket part.
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
- EncTicketPartModifier encTicketPartModifier = getTicketArchetype( clientPrincipal );
+ EncTicketPart encTicketPart = getTicketArchetype( clientPrincipal );
// Make changes to test.
- encTicketPartModifier.setFlag( TicketFlag.INVALID );
+ encTicketPart.setFlag( TicketFlag.INVALID );
// Seal the ticket for the server.
KerberosPrincipal serverPrincipal = new KerberosPrincipal( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" );
String passPhrase = "randomKey";
EncryptionKey serverKey = getEncryptionKey( serverPrincipal, passPhrase );
- Ticket tgt = getTicket( encTicketPartModifier, serverPrincipal, serverKey );
+ Ticket tgt = getTicket( encTicketPart, serverPrincipal, serverKey );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "hnelson" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "hnelson" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
KdcOptions kdcOptions = new KdcOptions();
kdcOptions.set( KdcOptions.VALIDATE );
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long currentTime = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( currentTime + KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
-
- RequestBody requestBody = modifier.getRequestBody();
+ kdcReqBody.setTill( requestedEndTime );
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", TicketGrantReply.class, msg.getClass() );
- TicketGrantReply reply = ( TicketGrantReply ) msg;
+ assertEquals( "session.getMessage() instanceOf", TgsRep.class, msg.getClass() );
+ TgsRep reply = ( TgsRep ) msg;
KerberosTime expectedRenewTillTime = tgt.getEncTicketPart().getRenewTill();
boolean isClose = Math.abs( reply.getRenewTill().getTime() - expectedRenewTillTime.getTime() ) < 5000;
@@ -544,45 +525,44 @@ public class TicketGrantingServiceTest e
{
// Get the mutable ticket part.
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
- EncTicketPartModifier encTicketPartModifier = getTicketArchetype( clientPrincipal );
+ EncTicketPart encTicketPart = getTicketArchetype( clientPrincipal );
// Make changes to test.
- encTicketPartModifier.setFlag( TicketFlag.PROXIABLE );
+ encTicketPart.setFlag( TicketFlag.PROXIABLE );
// Seal the ticket for the server.
KerberosPrincipal serverPrincipal = new KerberosPrincipal( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" );
String passPhrase = "randomKey";
EncryptionKey serverKey = getEncryptionKey( serverPrincipal, passPhrase );
- Ticket tgt = getTicket( encTicketPartModifier, serverPrincipal, serverKey );
+ Ticket tgt = getTicket( encTicketPart, serverPrincipal, serverKey );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
KdcOptions kdcOptions = new KdcOptions();
kdcOptions.set( KdcOptions.PROXY );
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long now = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( now + 1 * KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
HostAddress[] address =
{ new HostAddress( InetAddress.getByName( null ) ) };
HostAddresses addresses = new HostAddresses( address );
- modifier.setAddresses( addresses );
+ kdcReqBody.setAddresses( addresses );
- RequestBody requestBody = modifier.getRequestBody();
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", TicketGrantReply.class, msg.getClass() );
- TicketGrantReply reply = ( TicketGrantReply ) msg;
+ assertEquals( "session.getMessage() instanceOf", TgsRep.class, msg.getClass() );
+ TgsRep reply = ( TgsRep ) msg;
assertTrue( "PROXY flag", reply.getFlags().isProxy() );
assertFalse( "INVALID flag", reply.getFlags().isInvalid() );
@@ -605,45 +585,44 @@ public class TicketGrantingServiceTest e
{
// Get the mutable ticket part.
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
- EncTicketPartModifier encTicketPartModifier = getTicketArchetype( clientPrincipal );
+ EncTicketPart encTicketPart = getTicketArchetype( clientPrincipal );
// Make changes to test.
- encTicketPartModifier.setFlag( TicketFlag.FORWARDABLE );
+ encTicketPart.setFlag( TicketFlag.FORWARDABLE );
// Seal the ticket for the server.
KerberosPrincipal serverPrincipal = new KerberosPrincipal( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" );
String passPhrase = "randomKey";
EncryptionKey serverKey = getEncryptionKey( serverPrincipal, passPhrase );
- Ticket tgt = getTicket( encTicketPartModifier, serverPrincipal, serverKey );
+ Ticket tgt = getTicket( encTicketPart, serverPrincipal, serverKey );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
KdcOptions kdcOptions = new KdcOptions();
kdcOptions.set( KdcOptions.FORWARDED );
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long now = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( now + 1 * KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
HostAddress[] address =
{ new HostAddress( InetAddress.getByName( null ) ) };
HostAddresses addresses = new HostAddresses( address );
- modifier.setAddresses( addresses );
+ kdcReqBody.setAddresses( addresses );
- RequestBody requestBody = modifier.getRequestBody();
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", TicketGrantReply.class, msg.getClass() );
- TicketGrantReply reply = ( TicketGrantReply ) msg;
+ assertEquals( "session.getMessage() instanceOf", TgsRep.class, msg.getClass() );
+ TgsRep reply = ( TgsRep ) msg;
assertTrue( "FORWARDED flag", reply.getFlags().isForwarded() );
assertFalse( "INVALID flag", reply.getFlags().isInvalid() );
@@ -667,40 +646,39 @@ public class TicketGrantingServiceTest e
{
// Get the mutable ticket part.
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
- EncTicketPartModifier encTicketPartModifier = getTicketArchetype( clientPrincipal );
+ EncTicketPart encTicketPart = getTicketArchetype( clientPrincipal );
// Make changes to test.
- encTicketPartModifier.setEndTime( new KerberosTime( 0 ) );
+ encTicketPart.setEndTime( new KerberosTime( 0 ) );
// Seal the ticket for the server.
KerberosPrincipal serverPrincipal = new KerberosPrincipal( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" );
String passPhrase = "randomKey";
EncryptionKey serverKey = getEncryptionKey( serverPrincipal, passPhrase );
- Ticket tgt = getTicket( encTicketPartModifier, serverPrincipal, serverKey );
+ Ticket tgt = getTicket( encTicketPart, serverPrincipal, serverKey );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "hnelson" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "hnelson" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
KdcOptions kdcOptions = new KdcOptions();
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long now = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( now + KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
- RequestBody requestBody = modifier.getRequestBody();
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", ErrorMessage.class, msg.getClass() );
- ErrorMessage error = ( ErrorMessage ) msg;
- assertEquals( "Ticket expired", 32, error.getErrorCode() );
+ assertEquals( "session.getMessage() instanceOf", KrbError.class, msg.getClass() );
+ KrbError error = ( KrbError ) msg;
+ assertEquals( "Ticket expired", ErrorType.KRB_AP_ERR_TKT_EXPIRED, error.getErrorCode() );
}
@@ -716,42 +694,41 @@ public class TicketGrantingServiceTest e
{
// Get the mutable ticket part.
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
- EncTicketPartModifier encTicketPartModifier = getTicketArchetype( clientPrincipal );
+ EncTicketPart encTicketPart = getTicketArchetype( clientPrincipal );
// Make changes to test.
- encTicketPartModifier.setFlag( TicketFlag.RENEWABLE );
- encTicketPartModifier.setRenewTill( new KerberosTime( 0 ) );
+ encTicketPart.setFlag( TicketFlag.RENEWABLE );
+ encTicketPart.setRenewTill( new KerberosTime( 0 ) );
// Seal the ticket for the server.
KerberosPrincipal serverPrincipal = new KerberosPrincipal( "ldap/ldap.example.com@EXAMPLE.COM" );
String passPhrase = "randomKey";
EncryptionKey serverKey = getEncryptionKey( serverPrincipal, passPhrase );
- Ticket tgt = getTicket( encTicketPartModifier, serverPrincipal, serverKey );
+ Ticket tgt = getTicket( encTicketPart, serverPrincipal, serverKey );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
KdcOptions kdcOptions = new KdcOptions();
kdcOptions.set( KdcOptions.RENEW );
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long now = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( now + KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
- RequestBody requestBody = modifier.getRequestBody();
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", ErrorMessage.class, msg.getClass() );
- ErrorMessage error = ( ErrorMessage ) msg;
- assertEquals( "Ticket expired", 32, error.getErrorCode() );
+ assertEquals( "session.getMessage() instanceOf", KrbError.class, msg.getClass() );
+ KrbError error = ( KrbError ) msg;
+ assertEquals( "Ticket expired", ErrorType.KRB_AP_ERR_TKT_EXPIRED, error.getErrorCode() );
}
@@ -769,39 +746,38 @@ public class TicketGrantingServiceTest e
// Get the mutable ticket part.
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
- EncTicketPartModifier encTicketPartModifier = getTicketArchetype( clientPrincipal );
+ EncTicketPart encTicketPart = getTicketArchetype( clientPrincipal );
// Make changes to test.
- encTicketPartModifier.setFlag( TicketFlag.RENEWABLE );
- encTicketPartModifier.setStartTime( new KerberosTime( now - KerberosTime.DAY / 2 ) );
- encTicketPartModifier.setEndTime( new KerberosTime( now + KerberosTime.DAY / 2 ) );
+ encTicketPart.setFlag( TicketFlag.RENEWABLE );
+ encTicketPart.setStartTime( new KerberosTime( now - KerberosTime.DAY / 2 ) );
+ encTicketPart.setEndTime( new KerberosTime( now + KerberosTime.DAY / 2 ) );
// Seal the ticket for the server.
KerberosPrincipal serverPrincipal = new KerberosPrincipal( "ldap/ldap.example.com@EXAMPLE.COM" );
String passPhrase = "randomKey";
EncryptionKey serverKey = getEncryptionKey( serverPrincipal, passPhrase );
- Ticket tgt = getTicket( encTicketPartModifier, serverPrincipal, serverKey );
+ Ticket tgt = getTicket( encTicketPart, serverPrincipal, serverKey );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
KdcOptions kdcOptions = new KdcOptions();
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
KerberosTime requestedEndTime = new KerberosTime( now + KerberosTime.DAY / 2 );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
- RequestBody requestBody = modifier.getRequestBody();
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", TicketGrantReply.class, msg.getClass() );
- TicketGrantReply reply = ( TicketGrantReply ) msg;
+ assertEquals( "session.getMessage() instanceOf", TgsRep.class, msg.getClass() );
+ TgsRep reply = ( TgsRep ) msg;
KerberosTime expectedEndTime = tgt.getEncTicketPart().getEndTime();
boolean isClose = Math.abs( reply.getEndTime().getTime() - expectedEndTime.getTime() ) < 5000;
@@ -822,40 +798,39 @@ public class TicketGrantingServiceTest e
// Get the mutable ticket part.
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
- EncTicketPartModifier encTicketPartModifier = getTicketArchetype( clientPrincipal );
+ EncTicketPart encTicketPart = getTicketArchetype( clientPrincipal );
// Make changes to test.
- encTicketPartModifier.setFlag( TicketFlag.RENEWABLE );
- encTicketPartModifier.setStartTime( new KerberosTime( now - KerberosTime.DAY / 2 ) );
- encTicketPartModifier.setEndTime( new KerberosTime( now + KerberosTime.DAY / 2 ) );
+ encTicketPart.setFlag( TicketFlag.RENEWABLE );
+ encTicketPart.setStartTime( new KerberosTime( now - KerberosTime.DAY / 2 ) );
+ encTicketPart.setEndTime( new KerberosTime( now + KerberosTime.DAY / 2 ) );
// Seal the ticket for the server.
KerberosPrincipal serverPrincipal = new KerberosPrincipal( "ldap/ldap.example.com@EXAMPLE.COM" );
String passPhrase = "randomKey";
EncryptionKey serverKey = getEncryptionKey( serverPrincipal, passPhrase );
- Ticket tgt = getTicket( encTicketPartModifier, serverPrincipal, serverKey );
+ Ticket tgt = getTicket( encTicketPart, serverPrincipal, serverKey );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
KdcOptions kdcOptions = new KdcOptions();
kdcOptions.set( KdcOptions.RENEW );
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
KerberosTime requestedEndTime = new KerberosTime( now + KerberosTime.DAY / 2 );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
- RequestBody requestBody = modifier.getRequestBody();
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", TicketGrantReply.class, msg.getClass() );
- TicketGrantReply reply = ( TicketGrantReply ) msg;
+ assertEquals( "session.getMessage() instanceOf", TgsRep.class, msg.getClass() );
+ TgsRep reply = ( TgsRep ) msg;
KerberosTime expectedEndTime = new KerberosTime( now + KerberosTime.DAY );
boolean isClose = Math.abs( reply.getEndTime().getTime() - expectedEndTime.getTime() ) < 5000;
@@ -875,30 +850,31 @@ public class TicketGrantingServiceTest e
@Test
public void testEncryptionTypeNoSupport() throws Exception
{
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
- modifier.setRealm( "EXAMPLE.COM" );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
encryptionTypes.add( EncryptionType.DES3_CBC_MD5 );
- modifier.setEType( encryptionTypes );
+ kdcReqBody.setEType( encryptionTypes );
- modifier.setKdcOptions( new KdcOptions() );
+ kdcReqBody.setKdcOptions( new KdcOptions() );
long now = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( now + KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
- KdcRequest message = new KdcRequest( 5, KerberosMessageType.TGS_REQ, null, modifier.getRequestBody() );
+ KdcReq message = new TgsReq();
+ message.setKdcReqBody( kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", ErrorMessage.class, msg.getClass() );
- ErrorMessage error = ( ErrorMessage ) session.getMessage();
- assertEquals( "KDC has no support for encryption type", 14, error.getErrorCode() );
+ assertEquals( "session.getMessage() instanceOf", KrbError.class, msg.getClass() );
+ KrbError error = ( KrbError ) session.getMessage();
+ assertEquals( "KDC has no support for encryption type", ErrorType.KDC_ERR_ETYPE_NOSUPP, error.getErrorCode() );
}
@@ -917,30 +893,28 @@ public class TicketGrantingServiceTest e
Ticket tgt = getTgt( clientPrincipal, serverPrincipal, serverPassword );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "tquist" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "tquist" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
KdcOptions kdcOptions = new KdcOptions();
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long currentTime = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( currentTime + KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
- RequestBody requestBody = modifier.getRequestBody();
-
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", ErrorMessage.class, msg.getClass() );
- ErrorMessage error = ( ErrorMessage ) session.getMessage();
- assertEquals( "The client or server has a null key", 9, error.getErrorCode() );
+ assertEquals( "session.getMessage() instanceOf", KrbError.class, msg.getClass() );
+ KrbError error = ( KrbError ) session.getMessage();
+ assertEquals( "The client or server has a null key", ErrorType.KDC_ERR_NULL_KEY, error.getErrorCode() );
}
@@ -961,7 +935,7 @@ public class TicketGrantingServiceTest e
{
// Get the mutable ticket part.
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
- EncTicketPartModifier encTicketPartModifier = getTicketArchetype( clientPrincipal );
+ EncTicketPart encTicketPart = getTicketArchetype( clientPrincipal );
// Make changes to test.
@@ -969,29 +943,28 @@ public class TicketGrantingServiceTest e
KerberosPrincipal serverPrincipal = new KerberosPrincipal( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" );
String passPhrase = "randomKey";
EncryptionKey serverKey = getEncryptionKey( serverPrincipal, passPhrase );
- Ticket tgt = getTicket( encTicketPartModifier, serverPrincipal, serverKey );
+ Ticket tgt = getTicket( encTicketPart, serverPrincipal, serverKey );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
- modifier.setKdcOptions( new KdcOptions() );
+ kdcReqBody.setKdcOptions( new KdcOptions() );
long now = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( now + KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
- RequestBody requestBody = modifier.getRequestBody();
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", TicketGrantReply.class, msg.getClass() );
- TicketGrantReply reply = ( TicketGrantReply ) msg;
+ assertEquals( "session.getMessage() instanceOf", TgsRep.class, msg.getClass() );
+ TgsRep reply = ( TgsRep ) msg;
KerberosTime expectedStartTime = new KerberosTime( now );
boolean isClose = reply.getStartTime() == null
@@ -1017,7 +990,7 @@ public class TicketGrantingServiceTest e
{
// Get the mutable ticket part.
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
- EncTicketPartModifier encTicketPartModifier = getTicketArchetype( clientPrincipal );
+ EncTicketPart encTicketPart = getTicketArchetype( clientPrincipal );
// Make changes to test.
@@ -1025,32 +998,31 @@ public class TicketGrantingServiceTest e
KerberosPrincipal serverPrincipal = new KerberosPrincipal( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" );
String passPhrase = "randomKey";
EncryptionKey serverKey = getEncryptionKey( serverPrincipal, passPhrase );
- Ticket tgt = getTicket( encTicketPartModifier, serverPrincipal, serverKey );
+ Ticket tgt = getTicket( encTicketPart, serverPrincipal, serverKey );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
- modifier.setKdcOptions( new KdcOptions() );
+ kdcReqBody.setKdcOptions( new KdcOptions() );
long now = System.currentTimeMillis();
KerberosTime requestedStartTime = new KerberosTime( now + -1 * KerberosTime.DAY );
- modifier.setFrom( requestedStartTime );
+ kdcReqBody.setFrom( requestedStartTime );
KerberosTime requestedEndTime = new KerberosTime( now + KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
- RequestBody requestBody = modifier.getRequestBody();
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", TicketGrantReply.class, msg.getClass() );
- TicketGrantReply reply = ( TicketGrantReply ) msg;
+ assertEquals( "session.getMessage() instanceOf", TgsRep.class, msg.getClass() );
+ TgsRep reply = ( TgsRep ) msg;
KerberosTime expectedStartTime = new KerberosTime( now );
boolean isClose = reply.getStartTime() == null
@@ -1076,7 +1048,7 @@ public class TicketGrantingServiceTest e
{
// Get the mutable ticket part.
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
- EncTicketPartModifier encTicketPartModifier = getTicketArchetype( clientPrincipal );
+ EncTicketPart encTicketPart = getTicketArchetype( clientPrincipal );
// Make changes to test.
@@ -1084,32 +1056,31 @@ public class TicketGrantingServiceTest e
KerberosPrincipal serverPrincipal = new KerberosPrincipal( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" );
String passPhrase = "randomKey";
EncryptionKey serverKey = getEncryptionKey( serverPrincipal, passPhrase );
- Ticket tgt = getTicket( encTicketPartModifier, serverPrincipal, serverKey );
+ Ticket tgt = getTicket( encTicketPart, serverPrincipal, serverKey );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
- modifier.setKdcOptions( new KdcOptions() );
+ kdcReqBody.setKdcOptions( new KdcOptions() );
long now = System.currentTimeMillis();
KerberosTime requestedStartTime = new KerberosTime( now );
- modifier.setFrom( requestedStartTime );
+ kdcReqBody.setFrom( requestedStartTime );
KerberosTime requestedEndTime = new KerberosTime( now + KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
- RequestBody requestBody = modifier.getRequestBody();
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", TicketGrantReply.class, msg.getClass() );
- TicketGrantReply reply = ( TicketGrantReply ) msg;
+ assertEquals( "session.getMessage() instanceOf", TgsRep.class, msg.getClass() );
+ TgsRep reply = ( TgsRep ) msg;
KerberosTime expectedStartTime = new KerberosTime( now );
boolean isClose = reply.getStartTime() == null
@@ -1133,44 +1104,43 @@ public class TicketGrantingServiceTest e
{
// Get the mutable ticket part.
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
- EncTicketPartModifier encTicketPartModifier = getTicketArchetype( clientPrincipal );
+ EncTicketPart encTicketPart = getTicketArchetype( clientPrincipal );
// Make changes to test.
- encTicketPartModifier.setFlag( TicketFlag.MAY_POSTDATE );
+ encTicketPart.setFlag( TicketFlag.MAY_POSTDATE );
// Seal the ticket for the server.
KerberosPrincipal serverPrincipal = new KerberosPrincipal( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" );
String passPhrase = "randomKey";
EncryptionKey serverKey = getEncryptionKey( serverPrincipal, passPhrase );
- Ticket tgt = getTicket( encTicketPartModifier, serverPrincipal, serverKey );
+ Ticket tgt = getTicket( encTicketPart, serverPrincipal, serverKey );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
KdcOptions kdcOptions = new KdcOptions();
kdcOptions.set( KdcOptions.POSTDATED );
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long now = System.currentTimeMillis();
KerberosTime requestedStartTime = new KerberosTime( now + KerberosTime.DAY );
- modifier.setFrom( requestedStartTime );
+ kdcReqBody.setFrom( requestedStartTime );
KerberosTime requestedEndTime = new KerberosTime( now );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
- RequestBody requestBody = modifier.getRequestBody();
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", ErrorMessage.class, msg.getClass() );
- ErrorMessage error = ( ErrorMessage ) session.getMessage();
- assertEquals( "Requested start time is later than end time", 11, error.getErrorCode() );
+ assertEquals( "session.getMessage() instanceOf", KrbError.class, msg.getClass() );
+ KrbError error = ( KrbError ) session.getMessage();
+ assertEquals( "Requested start time is later than end time", ErrorType.KDC_ERR_NEVER_VALID, error.getErrorCode() );
}
@@ -1190,43 +1160,42 @@ public class TicketGrantingServiceTest e
{
// Get the mutable ticket part.
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
- EncTicketPartModifier encTicketPartModifier = getTicketArchetype( clientPrincipal );
+ EncTicketPart encTicketPart = getTicketArchetype( clientPrincipal );
// Make changes to test.
- encTicketPartModifier.setFlag( TicketFlag.MAY_POSTDATE );
+ encTicketPart.setFlag( TicketFlag.MAY_POSTDATE );
// Seal the ticket for the server.
KerberosPrincipal serverPrincipal = new KerberosPrincipal( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" );
String passPhrase = "randomKey";
EncryptionKey serverKey = getEncryptionKey( serverPrincipal, passPhrase );
- Ticket tgt = getTicket( encTicketPartModifier, serverPrincipal, serverKey );
+ Ticket tgt = getTicket( encTicketPart, serverPrincipal, serverKey );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
KdcOptions kdcOptions = new KdcOptions();
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long now = System.currentTimeMillis();
KerberosTime requestedStartTime = new KerberosTime( now );
- modifier.setFrom( requestedStartTime );
+ kdcReqBody.setFrom( requestedStartTime );
KerberosTime requestedEndTime = new KerberosTime( now + 4 * KerberosTime.MINUTE );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
- RequestBody requestBody = modifier.getRequestBody();
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", ErrorMessage.class, msg.getClass() );
- ErrorMessage error = ( ErrorMessage ) session.getMessage();
- assertEquals( "Requested start time is later than end time", 11, error.getErrorCode() );
+ assertEquals( "session.getMessage() instanceOf", KrbError.class, msg.getClass() );
+ KrbError error = ( KrbError ) session.getMessage();
+ assertEquals( "Requested start time is later than end time", ErrorType.KDC_ERR_NEVER_VALID, error.getErrorCode() );
}
@@ -1245,42 +1214,41 @@ public class TicketGrantingServiceTest e
{
// Get the mutable ticket part.
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
- EncTicketPartModifier encTicketPartModifier = getTicketArchetype( clientPrincipal );
+ EncTicketPart encTicketPart = getTicketArchetype( clientPrincipal );
// Make changes to test.
- encTicketPartModifier.setFlag( TicketFlag.MAY_POSTDATE );
+ encTicketPart.setFlag( TicketFlag.MAY_POSTDATE );
// Seal the ticket for the server.
KerberosPrincipal serverPrincipal = new KerberosPrincipal( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" );
String passPhrase = "randomKey";
EncryptionKey serverKey = getEncryptionKey( serverPrincipal, passPhrase );
- Ticket tgt = getTicket( encTicketPartModifier, serverPrincipal, serverKey );
+ Ticket tgt = getTicket( encTicketPart, serverPrincipal, serverKey );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
- modifier.setKdcOptions( new KdcOptions() );
+ kdcReqBody.setKdcOptions( new KdcOptions() );
long now = System.currentTimeMillis();
KerberosTime requestedStartTime = new KerberosTime( now + 10 * KerberosTime.MINUTE );
- modifier.setFrom( requestedStartTime );
+ kdcReqBody.setFrom( requestedStartTime );
KerberosTime requestedEndTime = new KerberosTime( now + KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
- RequestBody requestBody = modifier.getRequestBody();
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", ErrorMessage.class, msg.getClass() );
- ErrorMessage error = ( ErrorMessage ) session.getMessage();
- assertEquals( "Ticket not eligible for postdating", 10, error.getErrorCode() );
+ assertEquals( "session.getMessage() instanceOf", KrbError.class, msg.getClass() );
+ KrbError error = ( KrbError ) session.getMessage();
+ assertEquals( "Ticket not eligible for postdating", ErrorType.KDC_ERR_CANNOT_POSTDATE, error.getErrorCode() );
}
@@ -1311,43 +1279,42 @@ public class TicketGrantingServiceTest e
// Get the mutable ticket part.
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
- EncTicketPartModifier encTicketPartModifier = getTicketArchetype( clientPrincipal );
+ EncTicketPart encTicketPart = getTicketArchetype( clientPrincipal );
// Make changes to test.
- encTicketPartModifier.setFlag( TicketFlag.MAY_POSTDATE );
+ encTicketPart.setFlag( TicketFlag.MAY_POSTDATE );
// Service ticket end time will be limited by TGT end time.
- encTicketPartModifier.setEndTime( new KerberosTime( now + 3 * KerberosTime.DAY ) );
+ encTicketPart.setEndTime( new KerberosTime( now + 3 * KerberosTime.DAY ) );
// Seal the ticket for the server.
KerberosPrincipal serverPrincipal = new KerberosPrincipal( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" );
String passPhrase = "randomKey";
EncryptionKey serverKey = getEncryptionKey( serverPrincipal, passPhrase );
- Ticket tgt = getTicket( encTicketPartModifier, serverPrincipal, serverKey );
+ Ticket tgt = getTicket( encTicketPart, serverPrincipal, serverKey );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "hnelson" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "hnelson" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
KdcOptions kdcOptions = new KdcOptions();
kdcOptions.set( KdcOptions.POSTDATED );
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
KerberosTime requestedStartTime = new KerberosTime( now + KerberosTime.DAY );
- modifier.setFrom( requestedStartTime );
+ kdcReqBody.setFrom( requestedStartTime );
KerberosTime requestedEndTime = new KerberosTime( now + 2 * KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
- RequestBody requestBody = modifier.getRequestBody();
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", TicketGrantReply.class, msg.getClass() );
- TicketGrantReply reply = ( TicketGrantReply ) msg;
+ assertEquals( "session.getMessage() instanceOf", TgsRep.class, msg.getClass() );
+ TgsRep reply = ( TgsRep ) msg;
assertTrue( "Requested start time", requestedStartTime.equals( reply.getStartTime() ) );
assertTrue( "Requested end time", requestedEndTime.equals( reply.getEndTime() ) );
@@ -1372,39 +1339,38 @@ public class TicketGrantingServiceTest e
{
// Get the mutable ticket part.
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
- EncTicketPartModifier encTicketPartModifier = getTicketArchetype( clientPrincipal );
+ EncTicketPart encTicketPart = getTicketArchetype( clientPrincipal );
// Make changes to test.
- encTicketPartModifier.setFlag( TicketFlag.PRE_AUTHENT );
+ encTicketPart.setFlag( TicketFlag.PRE_AUTHENT );
// Seal the ticket for the server.
KerberosPrincipal serverPrincipal = new KerberosPrincipal( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" );
String passPhrase = "randomKey";
EncryptionKey serverKey = getEncryptionKey( serverPrincipal, passPhrase );
- Ticket tgt = getTicket( encTicketPartModifier, serverPrincipal, serverKey );
+ Ticket tgt = getTicket( encTicketPart, serverPrincipal, serverKey );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "hnelson" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "hnelson" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
KdcOptions kdcOptions = new KdcOptions();
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long now = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( now + KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
- RequestBody requestBody = modifier.getRequestBody();
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", TicketGrantReply.class, msg.getClass() );
- TicketGrantReply reply = ( TicketGrantReply ) msg;
+ assertEquals( "session.getMessage() instanceOf", TgsRep.class, msg.getClass() );
+ TgsRep reply = ( TgsRep ) msg;
assertTrue( "PRE_AUTHENT flag", reply.getTicket().getEncTicketPart().getFlags().isPreAuth() );
}
@@ -1425,7 +1391,7 @@ public class TicketGrantingServiceTest e
{
// Get the mutable ticket part.
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
- EncTicketPartModifier encTicketPartModifier = getTicketArchetype( clientPrincipal );
+ EncTicketPart encTicketPart = getTicketArchetype( clientPrincipal );
// Make changes to test.
@@ -1433,30 +1399,29 @@ public class TicketGrantingServiceTest e
KerberosPrincipal serverPrincipal = new KerberosPrincipal( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" );
String passPhrase = "randomKey";
EncryptionKey serverKey = getEncryptionKey( serverPrincipal, passPhrase );
- Ticket tgt = getTicket( encTicketPartModifier, serverPrincipal, serverKey );
+ Ticket tgt = getTicket( encTicketPart, serverPrincipal, serverKey );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "hnelson" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "hnelson" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
KdcOptions kdcOptions = new KdcOptions();
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long now = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( now + KerberosTime.DAY / 2 );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
- RequestBody requestBody = modifier.getRequestBody();
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", TicketGrantReply.class, msg.getClass() );
- TicketGrantReply reply = ( TicketGrantReply ) msg;
+ assertEquals( "session.getMessage() instanceOf", TgsRep.class, msg.getClass() );
+ TgsRep reply = ( TgsRep ) msg;
assertTrue( "Requested end time", requestedEndTime.equals( reply.getEndTime() ) );
}
@@ -1478,7 +1443,7 @@ public class TicketGrantingServiceTest e
{
// Get the mutable ticket part.
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
- EncTicketPartModifier encTicketPartModifier = getTicketArchetype( clientPrincipal );
+ EncTicketPart encTicketPart = getTicketArchetype( clientPrincipal );
// Make changes to test.
@@ -1486,30 +1451,29 @@ public class TicketGrantingServiceTest e
KerberosPrincipal serverPrincipal = new KerberosPrincipal( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" );
String passPhrase = "randomKey";
EncryptionKey serverKey = getEncryptionKey( serverPrincipal, passPhrase );
- Ticket tgt = getTicket( encTicketPartModifier, serverPrincipal, serverKey );
+ Ticket tgt = getTicket( encTicketPart, serverPrincipal, serverKey );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "hnelson" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "hnelson" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
KdcOptions kdcOptions = new KdcOptions();
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long now = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( now + KerberosTime.WEEK );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
- RequestBody requestBody = modifier.getRequestBody();
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", TicketGrantReply.class, msg.getClass() );
- TicketGrantReply reply = ( TicketGrantReply ) msg;
+ assertEquals( "session.getMessage() instanceOf", TgsRep.class, msg.getClass() );
+ TgsRep reply = ( TgsRep ) msg;
KerberosTime expectedEndTime = new KerberosTime( now + KerberosTime.DAY );
boolean isClose = Math.abs( reply.getEndTime().getTime() - expectedEndTime.getTime() ) < 5000;
@@ -1529,7 +1493,7 @@ public class TicketGrantingServiceTest e
{
// Get the mutable ticket part.
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
- EncTicketPartModifier encTicketPartModifier = getTicketArchetype( clientPrincipal );
+ EncTicketPart encTicketPart = getTicketArchetype( clientPrincipal );
// Make changes to test.
@@ -1537,29 +1501,27 @@ public class TicketGrantingServiceTest e
KerberosPrincipal serverPrincipal = new KerberosPrincipal( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" );
String passPhrase = "randomKey";
EncryptionKey serverKey = getEncryptionKey( serverPrincipal, passPhrase );
- Ticket tgt = getTicket( encTicketPartModifier, serverPrincipal, serverKey );
+ Ticket tgt = getTicket( encTicketPart, serverPrincipal, serverKey );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "hnelson" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "hnelson" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
- modifier.setKdcOptions( new KdcOptions() );
+ kdcReqBody.setKdcOptions( new KdcOptions() );
String epoch = "19700101000000Z";
KerberosTime requestedEndTime = KerberosTime.getTime( epoch );
- modifier.setTill( requestedEndTime );
-
- RequestBody requestBody = modifier.getRequestBody();
+ kdcReqBody.setTill( requestedEndTime );
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", TicketGrantReply.class, msg.getClass() );
- TicketGrantReply reply = ( TicketGrantReply ) msg;
+ assertEquals( "session.getMessage() instanceOf", TgsRep.class, msg.getClass() );
+ TgsRep reply = ( TgsRep ) msg;
long now = System.currentTimeMillis();
KerberosTime expectedEndTime = new KerberosTime( now + KerberosTime.DAY );
@@ -1586,40 +1548,39 @@ public class TicketGrantingServiceTest e
{
// Get the mutable ticket part.
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
- EncTicketPartModifier encTicketPartModifier = getTicketArchetype( clientPrincipal );
+ EncTicketPart encTicketPart = getTicketArchetype( clientPrincipal );
// Make changes to test.
- encTicketPartModifier.setFlag( TicketFlag.RENEWABLE );
+ encTicketPart.setFlag( TicketFlag.RENEWABLE );
// Seal the ticket for the server.
KerberosPrincipal serverPrincipal = new KerberosPrincipal( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" );
String passPhrase = "randomKey";
EncryptionKey serverKey = getEncryptionKey( serverPrincipal, passPhrase );
- Ticket tgt = getTicket( encTicketPartModifier, serverPrincipal, serverKey );
+ Ticket tgt = getTicket( encTicketPart, serverPrincipal, serverKey );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
KdcOptions kdcOptions = new KdcOptions();
kdcOptions.set( KdcOptions.RENEWABLE_OK );
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long now = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( now + KerberosTime.WEEK );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
- RequestBody requestBody = modifier.getRequestBody();
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", TicketGrantReply.class, msg.getClass() );
- TicketGrantReply reply = ( TicketGrantReply ) msg;
+ assertEquals( "session.getMessage() instanceOf", TgsRep.class, msg.getClass() );
+ TgsRep reply = ( TgsRep ) msg;
KerberosTime expectedEndTime = new KerberosTime( now + KerberosTime.DAY );
boolean isClose = Math.abs( reply.getEndTime().getTime() - expectedEndTime.getTime() ) < 5000;
@@ -1648,40 +1609,39 @@ public class TicketGrantingServiceTest e
{
// Get the mutable ticket part.
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
- EncTicketPartModifier encTicketPartModifier = getTicketArchetype( clientPrincipal );
+ EncTicketPart encTicketPart = getTicketArchetype( clientPrincipal );
// Make changes to test.
- encTicketPartModifier.setFlag( TicketFlag.FORWARDABLE );
+ encTicketPart.setFlag( TicketFlag.FORWARDABLE );
// Seal the ticket for the server.
KerberosPrincipal serverPrincipal = new KerberosPrincipal( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" );
String passPhrase = "randomKey";
EncryptionKey serverKey = getEncryptionKey( serverPrincipal, passPhrase );
- Ticket tgt = getTicket( encTicketPartModifier, serverPrincipal, serverKey );
+ Ticket tgt = getTicket( encTicketPart, serverPrincipal, serverKey );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
KdcOptions kdcOptions = new KdcOptions();
kdcOptions.set( KdcOptions.FORWARDABLE );
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long now = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( now + 1 * KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
- RequestBody requestBody = modifier.getRequestBody();
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", TicketGrantReply.class, msg.getClass() );
- TicketGrantReply reply = ( TicketGrantReply ) msg;
+ assertEquals( "session.getMessage() instanceOf", TgsRep.class, msg.getClass() );
+ TgsRep reply = ( TgsRep ) msg;
assertTrue( "FORWARDABLE flag", reply.getFlags().isForwardable() );
assertFalse( "INVALID flag", reply.getFlags().isInvalid() );
@@ -1705,40 +1665,39 @@ public class TicketGrantingServiceTest e
{
// Get the mutable ticket part.
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
- EncTicketPartModifier encTicketPartModifier = getTicketArchetype( clientPrincipal );
+ EncTicketPart encTicketPart = getTicketArchetype( clientPrincipal );
// Make changes to test.
- encTicketPartModifier.setFlag( TicketFlag.MAY_POSTDATE );
+ encTicketPart.setFlag( TicketFlag.MAY_POSTDATE );
// Seal the ticket for the server.
KerberosPrincipal serverPrincipal = new KerberosPrincipal( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" );
String passPhrase = "randomKey";
EncryptionKey serverKey = getEncryptionKey( serverPrincipal, passPhrase );
- Ticket tgt = getTicket( encTicketPartModifier, serverPrincipal, serverKey );
+ Ticket tgt = getTicket( encTicketPart, serverPrincipal, serverKey );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
KdcOptions kdcOptions = new KdcOptions();
kdcOptions.set( KdcOptions.ALLOW_POSTDATE );
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long now = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( now + 1 * KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
- RequestBody requestBody = modifier.getRequestBody();
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", TicketGrantReply.class, msg.getClass() );
- TicketGrantReply reply = ( TicketGrantReply ) msg;
+ assertEquals( "session.getMessage() instanceOf", TgsRep.class, msg.getClass() );
+ TgsRep reply = ( TgsRep ) msg;
assertTrue( "MAY_POSTDATE flag", reply.getFlags().isMayPosdate() );
assertFalse( "INVALID flag", reply.getFlags().isInvalid() );
@@ -1762,40 +1721,39 @@ public class TicketGrantingServiceTest e
{
// Get the mutable ticket part.
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
- EncTicketPartModifier encTicketPartModifier = getTicketArchetype( clientPrincipal );
+ EncTicketPart encTicketPart = getTicketArchetype( clientPrincipal );
// Make changes to test.
- encTicketPartModifier.setFlag( TicketFlag.PROXIABLE );
+ encTicketPart.setFlag( TicketFlag.PROXIABLE );
// Seal the ticket for the server.
KerberosPrincipal serverPrincipal = new KerberosPrincipal( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" );
String passPhrase = "randomKey";
EncryptionKey serverKey = getEncryptionKey( serverPrincipal, passPhrase );
- Ticket tgt = getTicket( encTicketPartModifier, serverPrincipal, serverKey );
+ Ticket tgt = getTicket( encTicketPart, serverPrincipal, serverKey );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
KdcOptions kdcOptions = new KdcOptions();
kdcOptions.set( KdcOptions.PROXIABLE );
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long now = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( now + 1 * KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
- RequestBody requestBody = modifier.getRequestBody();
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", TicketGrantReply.class, msg.getClass() );
- TicketGrantReply reply = ( TicketGrantReply ) msg;
+ assertEquals( "session.getMessage() instanceOf", TgsRep.class, msg.getClass() );
+ TgsRep reply = ( TgsRep ) msg;
assertTrue( "PROXIABLE flag", reply.getFlags().isProxiable() );
assertFalse( "INVALID flag", reply.getFlags().isInvalid() );
@@ -1822,43 +1780,42 @@ public class TicketGrantingServiceTest e
{
// Get the mutable ticket part.
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
- EncTicketPartModifier encTicketPartModifier = getTicketArchetype( clientPrincipal );
+ EncTicketPart encTicketPart = getTicketArchetype( clientPrincipal );
// Make changes to test.
- encTicketPartModifier.setFlag( TicketFlag.RENEWABLE );
+ encTicketPart.setFlag( TicketFlag.RENEWABLE );
// Seal the ticket for the server.
KerberosPrincipal serverPrincipal = new KerberosPrincipal( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" );
String passPhrase = "randomKey";
EncryptionKey serverKey = getEncryptionKey( serverPrincipal, passPhrase );
- Ticket tgt = getTicket( encTicketPartModifier, serverPrincipal, serverKey );
+ Ticket tgt = getTicket( encTicketPart, serverPrincipal, serverKey );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setServerName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
- modifier.setNonce( random.nextInt() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setSName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
+ kdcReqBody.setNonce( random.nextInt() );
KdcOptions kdcOptions = new KdcOptions();
kdcOptions.set( KdcOptions.RENEWABLE );
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long now = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( now + 1 * KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
KerberosTime requestedRenewTillTime = new KerberosTime( now + KerberosTime.WEEK / 2 );
- modifier.setRtime( requestedRenewTillTime );
+ kdcReqBody.setRtime( requestedRenewTillTime );
- RequestBody requestBody = modifier.getRequestBody();
- KdcRequest message = getKdcRequest( tgt, requestBody );
+ KdcReq message = getKdcRequest( tgt, kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", TicketGrantReply.class, msg.getClass() );
- TicketGrantReply reply = ( TicketGrantReply ) msg;
+ assertEquals( "session.getMessage() instanceOf", TgsRep.class, msg.getClass() );
+ TgsRep reply = ( TgsRep ) msg;
assertTrue( "RENEWABLE flag", reply.getFlags().isRenewable() );
assertFalse( "INVALID flag", reply.getFlags().isInvalid() );
@@ -1888,43 +1845,42 @@ public class TicketGrantingServiceTest e
{
// Get the mutable ticket part.
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
- EncTicketPartModifier encTicketPartModifier = getTicketArchetype( clientPrincipal );
+ EncTicketPart encTicketPart = getTicketArchetype( clientPrincipal );
// Make changes to test.
- encTicketPartModifier.setFlag( TicketFlag.RENEWABLE );
+ encTicketPart.setFlag( TicketFlag.RENEWABLE );
// Seal the ticket for the server.
[... 143 lines stripped ...]